AUS92000864US1 




We claim 

1. An apparatus that mutually authenticates a first software module and a 
second software module, the apparatus comprising: 

5 a first security tool associated with the first software module; 

a second security tool communicatively coupled to the first software 
module, associated with the second software module; 

the first software module instantiating a first authenticating procedures on 
the second software module and using the second security tool; and 
10 the second software module instantiating a second authenticating 

procedures on the first software module using the first security tools. 

2. The apparatus of claim 1 wherein the first authenticating procedures include 
verifying a digital signature of the second software module. 

15 

3. The apparatus of claim 1 wherein the first authenticating procedures include 
authenticating with a digital certificate. 

4. The apparatus of claim 1 wherein the first software module calls the second 
20 software module, and the first authenticating procedures are implemented prior 

to the first software module calling the second software module. 
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5. The apparatus of claim 4 wherein if the first authenticating procedures fail, the 
first software module does not call the second software module. 



6. The apparatus of claim 1 wherein the second software module contains a 
5 constructor by which the second software module is implemented, and the 

second authenticating procedures are implemented in the constructor. 

7. The apparatus of claim 6 wherein if the second authenticating procedures fail, 
the constructor for the second software module fails. 

10 

8. The apparatus of claim 1 wherein the either the first software module or the 
second software module is dynamically loaded from another computing system. 

9. The apparatus of claim 1 wherein the either first software module or the 
15 second software module is implemented in an operating system independent 

manner. 

10. The apparatus of claim 1 wherein either the first software module or the 
second software module is implemented in Java. 

20 

1 1 . The apparatus of claim 1 , the first security tool comprising a digital signature 
of the first software module. 
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12. The apparatus of claim 1 , the first security tool comprising a digital certificate 
relating to the second software module. 

1 3. The apparatus of claim 1 , the first security tool comprising a public key 
5 relating to the second software module. 

14. A method for mutually authenticating a first software module and a second 
software module, the method comprising: 

authenticating the second software module from the first software module 
10 using a second security tool associated with the second software module; and 
authenticating the first software module from the second software module 
using a first security tool associated with the first software module. 

15. The method of claim 14 further comprising verifying a digital signature. 

15 

16. The method of claim 14 further comprising authenticating with a digital 
certificate. 



17. The method of claim 14, the step of authenticating the second software 
20 module comprising: 

selectively calling the second software module based upon the step of 
authenticating the second software module. 
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18. The method of claim 14 the step of authenticating the first software module 
comprising: 

calling the second software module from the first software module; 
returning a successful result from the second software module upon 
5 authenticating the first software module; and 

returning an unsuccessful result from the second software module upon a 
failure to authenticate the first software module. 

19. The method of claim 18 wherein the step of calling is implemented by a 
10 constructor. 

20. The method of claim 19 wherein the step of returning an unsuccessful result 
does not allow the second software module to be instantiated. 

15 21 . The method of claim 14 wherein the either the first software module or the 
second software module is dynamically loaded from another computing system. 



22. The method of claim 14 wherein the either first software module or the 
second software module is implemented in an operating system independent 
20 manner. 



23. The method of claim 14 wherein either the first software module or the 
second software module is implemented in Java. 
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24. The method of claim 14, the step of authenticating the first software module 
comprising comparing a digital signature of the first software module. 

5 25. The method of claim 14, the step of authenticating the first software module 
comprising comparing information in a digital certificate. 

26. A computer program product on a computer usable medium, the computer 
usable medium having a computer usable program embodied therein for mutually 

10 authenticating a first software module and a second software module, the 

computer usable program including: 

instructions for authenticating the second software module from the first 

software module using a second security tool associated with the second 

software module; and 
15 instructions for authenticating the first software module from the second 

software module using a first security tool associated with the first software 

module. 

27. The computer program product of claim 26 further comprising instructions for 
20 verifying a digital signature. 

28. The computer program product of claim 26 further comprising instructions for 
authenticating with a digital certificate. 
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29. The computer program product of claim 26, the instructions for 
authenticating the second software module comprising: 

instructions for selectively calling the second software module based upon 
5 the instructions for authenticating the second software module. 

30. The computer program product of claim 26 the instructions for authenticating 
the first software module comprising: 

instructions for calling the second software module from the first software 
10 module; 

instructions for returning a successful result from the second software 
module upon authenticating the first software module; and 

instructions for returning an unsuccessful result from the second software 
module upon a failure to authenticate the first software module. 

15 

31. The computer program product of claim 30 wherein the instructions for 
calling are implemented with a constructor. 



20 



32. The computer program product of claim 31 wherein the instructions for 
returning an unsuccessful result do not allow the second software module to be 
instantiated. 
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33. The computer program product of claim 26 wherein the either the first 
software module or the second software module is dynamically loaded from 
another computing system. 

5 34. The computer program product of claim 26 wherein the either first software 
module or the second software module is implemented in an operating system 
independent manner. 

35. The computer program product of claim 26 wherein either the first software 
10 module or the second software module is implemented in Java. 

36. The computer program product of claim 26, the instructions for 
authenticating the first software module comprising instructions for comparing a 
digital signature of the first software module. 

15 

37. The computer program product of claim 26, the instructions for 
authenticating the first software module comprising instructions for comparing 
information in a digital certificate. 

20 38. An apparatus for mutual authentication of a first software module and a 
second software module, the apparatus comprising: 

a plurality of digital key tools associated with the first software module and 
relating to the second software module; 
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a second security tool, communicatively coupled to the first software 
module, associated with the second software module for authenticating the first 
software module; 

the first software module authenticating the second software module using 
5 the plurality of key tools; and 

the second software module authenticating procedures on the first 
software module using the first security tools. 

39. The apparatus of claim 38 the plurality of key tools comprising a plurality of 
10 digital certificates, one of the plurality of digital certificates allowing authentication 

of the second software module. 

40. The apparatus of claim 39 wherein the plurality of digital certificates are 
obfuscated. 

15 

41 . The apparatus of claim 39 wherein the plurality of digital certificates are 
accessed in a pattern known only to the first software module. 

42. The apparatus of claim 41 wherein the pattern is based upon a random 
20 number. 



43. A method for mutual authentication between a first software module and a 
second software module, the method comprising: 
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the first software module authenticating the second software module using 
a plurality of digital key tools associated with the first software module and 
relating to the second software module; 

the second software module authenticating the first software module using 
5 ope or more security tools, the security tools associated with the second software 
module and relating to authenticating the first software module; 

44. The method of claim 43, the plurality of key tools comprising a plurality of 
digital certificates, one of the plurality of digital certificates allowing authentication 

10 of the second software module. 

45. The method of claim 44 wherein the plurality of digital certificates are 
obfuscated. 

15 46. The method of claim 44 further comprising accessing the plurality of digital 
certificates in a pattern, the pattern known only to the first software module. 

47. The apparatus of claim 45 wherein the pattern is based upon a random 
number. 
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